Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/cn.hutool/hutool-all@4.5.4
Typemaven
Namespacecn.hutool
Namehutool-all
Version4.5.4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.8.12
Latest_non_vulnerable_version5.8.21
Affected_by_vulnerabilities
0
url VCID-kws5-vmk8-nkgh
vulnerability_id VCID-kws5-vmk8-nkgh
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL Inection vulnerability in Dromara hutool v5.8.11 allows attacker to execute arbitrary code via the aviator template engine.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24163
reference_id
reference_type
scores
0
value 0.00454
scoring_system epss
scoring_elements 0.63773
published_at 2026-04-07T12:55:00Z
1
value 0.00454
scoring_system epss
scoring_elements 0.63852
published_at 2026-04-18T12:55:00Z
2
value 0.00454
scoring_system epss
scoring_elements 0.63843
published_at 2026-04-16T12:55:00Z
3
value 0.00454
scoring_system epss
scoring_elements 0.63807
published_at 2026-04-13T12:55:00Z
4
value 0.00454
scoring_system epss
scoring_elements 0.63855
published_at 2026-04-11T12:55:00Z
5
value 0.00454
scoring_system epss
scoring_elements 0.63841
published_at 2026-04-21T12:55:00Z
6
value 0.00454
scoring_system epss
scoring_elements 0.63789
published_at 2026-04-02T12:55:00Z
7
value 0.00454
scoring_system epss
scoring_elements 0.63816
published_at 2026-04-04T12:55:00Z
8
value 0.00454
scoring_system epss
scoring_elements 0.63824
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24163
1
reference_url https://gitee.com/dromara/hutool
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://gitee.com/dromara/hutool
2
reference_url https://gitee.com/dromara/hutool/issues/I6AJWJ#note_15801868
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-27T14:41:45Z/
url https://gitee.com/dromara/hutool/issues/I6AJWJ#note_15801868
3
reference_url https://gitee.com/dromara/hutool/issues/I6AJWJ#note_20057806_link
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-27T14:41:45Z/
url https://gitee.com/dromara/hutool/issues/I6AJWJ#note_20057806_link
4
reference_url https://github.com/dromara/hutool/issues/3149
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-27T14:41:45Z/
url https://github.com/dromara/hutool/issues/3149
5
reference_url https://github.com/dromara/hutool/releases/tag/5.8.21
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-27T14:41:45Z/
url https://github.com/dromara/hutool/releases/tag/5.8.21
6
reference_url https://github.com/google/osv.dev/issues/2195
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-27T14:41:45Z/
url https://github.com/google/osv.dev/issues/2195
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-24163
reference_id CVE-2023-24163
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-24163
8
reference_url https://github.com/advisories/GHSA-6c25-cxcc-pmc4
reference_id GHSA-6c25-cxcc-pmc4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6c25-cxcc-pmc4
fixed_packages
0
url pkg:maven/cn.hutool/hutool-all@5.8.12
purl pkg:maven/cn.hutool/hutool-all@5.8.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/cn.hutool/hutool-all@5.8.12
1
url pkg:maven/cn.hutool/hutool-all@5.8.21
purl pkg:maven/cn.hutool/hutool-all@5.8.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/cn.hutool/hutool-all@5.8.21
aliases CVE-2023-24163, GHSA-6c25-cxcc-pmc4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kws5-vmk8-nkgh
1
url VCID-r6jz-gmx9-m3g4
vulnerability_id VCID-r6jz-gmx9-m3g4
summary 
Deserialization of Untrusted Data
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24162
reference_id
reference_type
scores
0
value 0.00836
scoring_system epss
scoring_elements 0.74615
published_at 2026-04-04T12:55:00Z
1
value 0.00836
scoring_system epss
scoring_elements 0.74665
published_at 2026-04-21T12:55:00Z
2
value 0.00836
scoring_system epss
scoring_elements 0.74674
published_at 2026-04-18T12:55:00Z
3
value 0.00836
scoring_system epss
scoring_elements 0.74667
published_at 2026-04-16T12:55:00Z
4
value 0.00836
scoring_system epss
scoring_elements 0.7463
published_at 2026-04-13T12:55:00Z
5
value 0.00836
scoring_system epss
scoring_elements 0.74638
published_at 2026-04-12T12:55:00Z
6
value 0.00836
scoring_system epss
scoring_elements 0.74658
published_at 2026-04-11T12:55:00Z
7
value 0.00836
scoring_system epss
scoring_elements 0.74635
published_at 2026-04-09T12:55:00Z
8
value 0.00836
scoring_system epss
scoring_elements 0.74621
published_at 2026-04-08T12:55:00Z
9
value 0.00836
scoring_system epss
scoring_elements 0.74588
published_at 2026-04-02T12:55:00Z
10
value 0.00836
scoring_system epss
scoring_elements 0.74589
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24162
1
reference_url https://gitee.com/dromara/hutool
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://gitee.com/dromara/hutool
2
reference_url https://gitee.com/dromara/hutool/issues/I6AEX2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:44:34Z/
url https://gitee.com/dromara/hutool/issues/I6AEX2
3
reference_url https://github.com/dromara/hutool/issues/2855
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-27T14:44:34Z/
url https://github.com/dromara/hutool/issues/2855
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-24162
reference_id CVE-2023-24162
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-24162
5
reference_url https://github.com/advisories/GHSA-77h8-5j3h-jcjf
reference_id GHSA-77h8-5j3h-jcjf
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-77h8-5j3h-jcjf
fixed_packages
0
url pkg:maven/cn.hutool/hutool-all@5.8.12
purl pkg:maven/cn.hutool/hutool-all@5.8.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/cn.hutool/hutool-all@5.8.12
aliases CVE-2023-24162, GHSA-77h8-5j3h-jcjf
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6jz-gmx9-m3g4
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/cn.hutool/hutool-all@4.5.4